HardenedBSD/etc/rc.d/routing

142 lines
2.4 KiB
Bash
Executable File

#!/bin/sh
#
# Configure routing and miscellaneous network tunables
#
# $FreeBSD$
#
# PROVIDE: routing
# REQUIRE: netif ppp
# KEYWORD: nojail
. /etc/rc.subr
. /etc/network.subr
name="routing"
start_cmd="routing_start"
stop_cmd="routing_stop"
extra_commands="options static"
static_cmd="static_start"
options_cmd="options_start"
routing_start()
{
static_start
options_start
}
routing_stop()
{
route -n flush
}
static_start()
{
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
# Setup static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
# Now ATM static routes
#
if [ -n "${natm_static_routes}" ]; then
for i in ${natm_static_routes}; do
eval route_args=\$route_${i}
atmconfig natm add ${route_args}
done
fi
}
_ropts_initdone=
ropts_init()
{
if [ -z "${_ropts_initdone}" ]; then
echo -n 'Additional routing options:'
_ropts_initdone=yes
fi
}
options_start()
{
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
ropts_init
echo -n ' broadcast ping responses=YES'
sysctl net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
ropts_init
echo -n ' ignore ICMP redirect=YES'
sysctl net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
ropts_init
echo -n ' log ICMP redirect=YES'
sysctl net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
ropts_init
echo -n ' IP gateway=YES'
sysctl net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
ropts_init
echo -n ' do source routing=YES'
sysctl net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
ropts_init
echo -n ' accept source routing=YES'
sysctl net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
ropts_init
echo -n ' IPX gateway=YES'
sysctl net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
ropts_init
echo -n ' ARP proxyall=YES'
sysctl net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
[ -n "${_ropts_initdone}" ] && echo '.'
}
load_rc_config $name
run_rc_command "$1"